Warning: Permanently added '[localhost]:29823' (ED25519) to the list of known hosts.
2025/11/28 17:07:33 parsed 1 programs
syzkaller login: [   90.947513][ T5319] cgroup: Unknown subsys name 'net'
[   91.012983][ T5319] cgroup: Unknown subsys name 'cpuset'
[   91.020383][ T5319] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   91.990198][   T56] cfg80211: failed to load regulatory.db
[   92.841596][ T5319] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   96.722425][ T5340] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   98.283005][ T5368] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   98.287513][ T5368] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   98.291420][ T5368] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   98.295114][ T5368] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   98.304868][ T5368] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   99.404118][ T5385] chnl_net:caif_netlink_parms(): no params data found
[   99.499831][ T5385] bridge0: port 1(bridge_slave_0) entered blocking state
[   99.504851][ T5385] bridge0: port 1(bridge_slave_0) entered disabled state
[   99.508097][ T5385] bridge_slave_0: entered allmulticast mode
[   99.515411][ T5385] bridge_slave_0: entered promiscuous mode
[   99.521638][ T5385] bridge0: port 2(bridge_slave_1) entered blocking state
[   99.524602][ T5385] bridge0: port 2(bridge_slave_1) entered disabled state
[   99.527497][ T5385] bridge_slave_1: entered allmulticast mode
[   99.531658][ T5385] bridge_slave_1: entered promiscuous mode
[   99.560670][ T5385] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   99.567212][ T5385] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   99.600926][ T5385] team0: Port device team_slave_0 added
[   99.606616][ T5385] team0: Port device team_slave_1 added
[   99.632703][ T5385] batman_adv: batadv0: Adding interface: batadv_slave_0
[   99.635990][ T5385] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   99.647378][ T5385] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   99.654726][ T5385] batman_adv: batadv0: Adding interface: batadv_slave_1
[   99.658045][ T5385] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   99.670398][ T5385] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   99.712496][ T5385] hsr_slave_0: entered promiscuous mode
[   99.716302][ T5385] hsr_slave_1: entered promiscuous mode
[   99.887079][ T5385] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   99.896952][ T5385] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   99.904668][ T5385] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   99.914601][ T5385] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   99.949077][ T5385] bridge0: port 2(bridge_slave_1) entered blocking state
[   99.952265][ T5385] bridge0: port 2(bridge_slave_1) entered forwarding state
[   99.956231][ T5385] bridge0: port 1(bridge_slave_0) entered blocking state
[   99.959746][ T5385] bridge0: port 1(bridge_slave_0) entered forwarding state
[  100.016227][ T5385] 8021q: adding VLAN 0 to HW filter on device bond0
[  100.033405][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[  100.037670][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[  100.051610][ T5385] 8021q: adding VLAN 0 to HW filter on device team0
[  100.060982][ T1093] bridge0: port 1(bridge_slave_0) entered blocking state
[  100.064238][ T1093] bridge0: port 1(bridge_slave_0) entered forwarding state
[  100.081310][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  100.084786][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  100.276895][ T5385] 8021q: adding VLAN 0 to HW filter on device batadv0
[  100.318052][ T5385] veth0_vlan: entered promiscuous mode
[  100.332162][ T5385] veth1_vlan: entered promiscuous mode
[  100.359902][ T5385] veth0_macvtap: entered promiscuous mode
[  100.366715][ T5385] veth1_macvtap: entered promiscuous mode
[  100.390734][ T5385] batman_adv: batadv0: Interface activated: batadv_slave_0
[  100.403527][ T5385] batman_adv: batadv0: Interface activated: batadv_slave_1
[  100.416298][   T43] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  100.431873][   T43] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  100.435767][   T43] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  100.447636][   T43] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  100.607272][   T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.654214][   T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.703022][   T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.752963][   T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.936840][   T31] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  100.963371][   T31] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  101.003570][   T31] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  101.007638][   T31] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/11/28 17:07:48 executed programs: 0
[  102.686139][ T5368] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  102.691774][ T5368] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  102.695558][ T5368] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  102.700224][ T5368] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  102.704540][ T5368] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  102.857324][ T5430] chnl_net:caif_netlink_parms(): no params data found
[  102.929277][ T5430] bridge0: port 1(bridge_slave_0) entered blocking state
[  102.932178][ T5430] bridge0: port 1(bridge_slave_0) entered disabled state
[  102.935268][ T5430] bridge_slave_0: entered allmulticast mode
[  102.940693][ T5430] bridge_slave_0: entered promiscuous mode
[  102.946051][ T5430] bridge0: port 2(bridge_slave_1) entered blocking state
[  102.949651][ T5430] bridge0: port 2(bridge_slave_1) entered disabled state
[  102.952793][ T5430] bridge_slave_1: entered allmulticast mode
[  102.956392][ T5430] bridge_slave_1: entered promiscuous mode
[  102.984165][ T5430] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  102.991127][ T5430] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  103.017937][ T5430] team0: Port device team_slave_0 added
[  103.024096][ T5430] team0: Port device team_slave_1 added
[  103.048023][ T5430] batman_adv: batadv0: Adding interface: batadv_slave_0
[  103.051821][ T5430] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  103.064239][ T5430] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  103.072178][ T5430] batman_adv: batadv0: Adding interface: batadv_slave_1
[  103.075319][ T5430] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  103.088041][ T5430] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  103.126478][ T5430] hsr_slave_0: entered promiscuous mode
[  103.129883][ T5430] hsr_slave_1: entered promiscuous mode
[  103.132829][ T5430] debugfs: 'hsr0' already exists in 'hsr'
[  103.135321][ T5430] Cannot create hsr debugfs directory
[  103.374665][   T12] bridge_slave_1: left allmulticast mode
[  103.377296][   T12] bridge_slave_1: left promiscuous mode
[  103.393724][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  103.414604][   T12] bridge_slave_0: left allmulticast mode
[  103.417125][   T12] bridge_slave_0: left promiscuous mode
[  103.429395][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  103.994970][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  104.002824][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  104.008336][   T12] bond0 (unregistering): Released all slaves
[  104.131264][   T12] hsr_slave_0: left promiscuous mode
[  104.142096][   T12] hsr_slave_1: left promiscuous mode
[  104.145160][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  104.148248][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  104.171824][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  104.175103][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  104.198059][   T12] veth1_macvtap: left promiscuous mode
[  104.207140][   T12] veth0_macvtap: left promiscuous mode
[  104.219900][   T12] veth1_vlan: left promiscuous mode
[  104.222609][   T12] veth0_vlan: left promiscuous mode
[  104.760988][   T12] team0 (unregistering): Port device team_slave_1 removed
[  104.781009][ T5368] Bluetooth: hci0: command tx timeout
[  104.800197][   T12] team0 (unregistering): Port device team_slave_0 removed
[  105.374897][ T5430] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  105.384935][ T5430] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  105.427931][ T5430] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  105.447834][ T5430] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  106.095895][ T5430] 8021q: adding VLAN 0 to HW filter on device bond0
[  106.156871][ T5430] 8021q: adding VLAN 0 to HW filter on device team0
[  106.181223][   T31] bridge0: port 1(bridge_slave_0) entered blocking state
[  106.184764][   T31] bridge0: port 1(bridge_slave_0) entered forwarding state
[  106.234408][   T43] bridge0: port 2(bridge_slave_1) entered blocking state
[  106.237833][   T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[  106.332222][ T5430] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  106.511675][ T5430] 8021q: adding VLAN 0 to HW filter on device batadv0
[  106.547979][ T5430] veth0_vlan: entered promiscuous mode
[  106.561239][ T5430] veth1_vlan: entered promiscuous mode
[  106.590230][ T5430] veth0_macvtap: entered promiscuous mode
[  106.597914][ T5430] veth1_macvtap: entered promiscuous mode
[  106.610250][ T5430] batman_adv: batadv0: Interface activated: batadv_slave_0
[  106.618311][ T5430] batman_adv: batadv0: Interface activated: batadv_slave_1
[  106.631576][   T43] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  106.640583][   T43] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  106.644242][   T43] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  106.648091][   T43] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  106.715032][   T54] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  106.718440][   T54] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  106.750219][   T43] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  106.753621][   T43] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  106.858944][ T5368] Bluetooth: hci0: command tx timeout
[  107.022598][ T5471] loop0: detected capacity change from 0 to 32768
[  107.077418][  T105] BUG: spinlock bad magic on CPU#0, jfsCommit/105
[  107.080389][  T105] ==================================================================
[  107.083779][  T105] BUG: KASAN: slab-out-of-bounds in string+0x231/0x2b0
[  107.086952][  T105] Read of size 1 at addr ffff888036b5c9d0 by task jfsCommit/105
[  107.090371][  T105] 
[  107.091531][  T105] CPU: 0 UID: 0 PID: 105 Comm: jfsCommit Not tainted syzkaller #0 PREEMPT(full) 
[  107.091545][  T105] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  107.091553][  T105] Call Trace:
[  107.091560][  T105]  <TASK>
[  107.091566][  T105]  dump_stack_lvl+0x189/0x250
[  107.091587][  T105]  ? __pfx_dump_stack_lvl+0x10/0x10
[  107.091603][  T105]  ? lock_release+0x4b/0x3e0
[  107.091617][  T105]  ? __virt_addr_valid+0x4a5/0x5c0
[  107.091634][  T105]  print_report+0xca/0x240
[  107.091648][  T105]  ? string+0x231/0x2b0
[  107.091659][  T105]  kasan_report+0x118/0x150
[  107.091675][  T105]  ? number+0xe1/0xf60
[  107.091686][  T105]  ? string+0x231/0x2b0
[  107.091699][  T105]  string+0x231/0x2b0
[  107.091711][  T105]  vsnprintf+0x739/0xf00
[  107.091725][  T105]  vprintk_store+0x3c7/0xd00
[  107.091742][  T105]  ? __pfx_vprintk_store+0x10/0x10
[  107.091755][  T105]  ? __console_unlock+0x136/0x1a0
[  107.091771][  T105]  ? __pfx___console_unlock+0x10/0x10
[  107.091789][  T105]  ? __irq_work_queue_local+0x1de/0x550
[  107.091803][  T105]  ? __pfx___irq_work_queue_local+0x10/0x10
[  107.091814][  T105]  ? console_unlock+0x13a/0x190
[  107.091828][  T105]  ? __pfx___down_trylock_console_sem+0x10/0x10
[  107.091847][  T105]  ? is_printk_cpu_sync_owner+0x32/0x40
[  107.091866][  T105]  vprintk_emit+0x15f/0x590
[  107.091882][  T105]  ? __pfx_vprintk_emit+0x10/0x10
[  107.091896][  T105]  ? __is_module_percpu_address+0x28/0x3f0
[  107.091912][  T105]  ? rcu_is_watching+0x15/0xb0
[  107.091926][  T105]  ? __kasan_check_byte+0x12/0x40
[  107.091944][  T105]  ? rcu_is_watching+0x15/0xb0
[  107.091958][  T105]  ? rcu_is_watching+0x15/0xb0
[  107.091972][  T105]  ? __kasan_check_byte+0x12/0x40
[  107.091990][  T105]  _printk+0xcf/0x120
[  107.092005][  T105]  ? __pfx__printk+0x10/0x10
[  107.092019][  T105]  ? __lock_acquire+0x99/0xd20
[  107.092032][  T105]  spin_dump+0x102/0x1a0
[  107.092045][  T105]  do_raw_spin_lock+0x1ca/0x290
[  107.092069][  T105]  ? __wake_up_common_lock+0x2f/0x1f0
[  107.092086][  T105]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  107.092106][  T105]  _raw_spin_lock_irqsave+0xb3/0xf0
[  107.092122][  T105]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[  107.092137][  T105]  ? dbFree+0x4d1/0x650
[  107.092199][  T105]  __wake_up_common_lock+0x2f/0x1f0
[  107.092219][  T105]  release_metapage+0x13c/0xac0
[  107.092236][  T105]  ? txFreeMap+0xb19/0xde0
[  107.092259][  T105]  ? do_raw_spin_unlock+0x4d/0x240
[  107.092277][  T105]  xtTruncate+0xe84/0x2e70
[  107.092302][  T105]  ? __pfx_xtTruncate+0x10/0x10
[  107.092325][  T105]  ? reacquire_held_locks+0x127/0x1d0
[  107.092339][  T105]  ? __mark_inode_dirty+0x4cc/0xe10
[  107.092356][  T105]  ? __asan_memset+0x22/0x50
[  107.092370][  T105]  ? __dquot_initialize+0x218/0xcb0
[  107.092384][  T105]  jfs_free_zero_link+0x33a/0x4a0
[  107.092401][  T105]  ? __pfx_jfs_free_zero_link+0x10/0x10
[  107.092417][  T105]  ? __pfx_inode_wait_for_writeback+0x10/0x10
[  107.092432][  T105]  jfs_evict_inode+0x363/0x440
[  107.092447][  T105]  ? evict+0x4f8/0x9c0
[  107.092461][  T105]  ? __pfx_jfs_evict_inode+0x10/0x10
[  107.092475][  T105]  evict+0x504/0x9c0
[  107.092491][  T105]  ? __pfx_evict+0x10/0x10
[  107.092503][  T105]  ? do_raw_spin_unlock+0x4d/0x240
[  107.092521][  T105]  ? _raw_spin_unlock+0x28/0x50
[  107.092535][  T105]  ? iput+0x946/0xc50
[  107.092555][  T105]  jfs_lazycommit+0x43f/0xa90
[  107.092568][  T105]  ? __pfx_jfs_lazycommit+0x10/0x10
[  107.092580][  T105]  ? __pfx_default_wake_function+0x10/0x10
[  107.092593][  T105]  ? __kthread_parkme+0x7b/0x200
[  107.092608][  T105]  ? __kthread_parkme+0x1a1/0x200
[  107.092624][  T105]  kthread+0x711/0x8a0
[  107.092658][  T105]  ? __pfx_jfs_lazycommit+0x10/0x10
[  107.092670][  T105]  ? __pfx_kthread+0x10/0x10
[  107.092686][  T105]  ? _raw_spin_unlock_irq+0x23/0x50
[  107.092701][  T105]  ? lockdep_hardirqs_on+0x9c/0x150
[  107.092717][  T105]  ? __pfx_kthread+0x10/0x10
[  107.092734][  T105]  ret_from_fork+0x4bc/0x870
[  107.092748][  T105]  ? __pfx_ret_from_fork+0x10/0x10
[  107.092763][  T105]  ? __pfx_kthread+0x10/0x10
[  107.092779][  T105]  ret_from_fork_asm+0x1a/0x30
[  107.092795][  T105]  </TASK>
[  107.092800][  T105] 
[  107.273286][  T105] The buggy address belongs to the object at ffff888036b5c940
[  107.273286][  T105]  which belongs to the cache jfs_ip of size 2216
[  107.279989][  T105] The buggy address is located 144 bytes inside of
[  107.279989][  T105]  allocated 2216-byte region [ffff888036b5c940, ffff888036b5d1e8)
[  107.286054][  T105] 
[  107.287124][  T105] The buggy address belongs to the physical page:
[  107.289881][  T105] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x36b58
[  107.293099][  T105] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  107.296975][  T105] memcg:ffff888059647e01
[  107.299142][  T105] flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff)
[  107.302724][  T105] page_type: f5(slab)
[  107.304479][  T105] raw: 04fff00000000040 ffff88801f992a00 dead000000000122 0000000000000000
[  107.308161][  T105] raw: 0000000000000000 00000000800d000d 00000000f5000000 ffff888059647e01
[  107.311992][  T105] head: 04fff00000000040 ffff88801f992a00 dead000000000122 0000000000000000
[  107.316251][  T105] head: 0000000000000000 00000000800d000d 00000000f5000000 ffff888059647e01
[  107.320389][  T105] head: 04fff00000000003 ffffea0000dad601 00000000ffffffff 00000000ffffffff
[  107.323990][  T105] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  107.327833][  T105] page dumped because: kasan: bad access detected
[  107.330595][  T105] page_owner tracks the page as allocated
[  107.333040][  T105] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0xd2050(__GFP_RECLAIMABLE|__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5471, tgid 5471 (syz.0.17), ts 107031114371, free_ts 105645245840
[  107.342918][  T105]  post_alloc_hook+0x234/0x290
[  107.345183][  T105]  get_page_from_freelist+0x2365/0x2440
[  107.347839][  T105]  __alloc_frozen_pages_noprof+0x181/0x370
[  107.350685][  T105]  alloc_pages_mpol+0x232/0x4a0
[  107.353043][  T105]  allocate_slab+0x96/0x350
[  107.355207][  T105]  ___slab_alloc+0xf56/0x1990
[  107.357146][  T105]  __slab_alloc+0x65/0x100
[  107.358867][  T105]  kmem_cache_alloc_lru_noprof+0x3ef/0x6d0
[  107.361550][  T105]  jfs_alloc_inode+0x28/0x70
[  107.363614][  T105]  alloc_inode+0x6a/0x1b0
[  107.365775][  T105]  new_inode+0x22/0x170
[  107.367915][  T105]  jfs_fill_super+0x569/0xd80
[  107.370247][  T105]  get_tree_bdev_flags+0x40e/0x4d0
[  107.372494][  T105]  vfs_get_tree+0x92/0x2b0
[  107.374613][  T105]  do_new_mount+0x302/0xa10
[  107.376309][  T105]  __se_sys_mount+0x313/0x410
[  107.378271][  T105] page last free pid 12 tgid 12 stack trace:
[  107.380622][  T105]  __free_frozen_pages+0xbc4/0xd30
[  107.382757][  T105]  __slab_free+0x2e7/0x390
[  107.384642][  T105]  qlist_free_all+0x97/0x140
[  107.386593][  T105]  kasan_quarantine_reduce+0x148/0x160
[  107.389003][  T105]  __kasan_slab_alloc+0x22/0x80
[  107.391164][  T105]  __kmalloc_cache_noprof+0x36f/0x6f0
[  107.393726][  T105]  netdevice_event+0x3a1/0x8a0
[  107.395787][  T105]  notifier_call_chain+0x1b6/0x3e0
[  107.398058][  T105]  unregister_netdevice_many_notify+0x1860/0x2390
[  107.401055][  T105]  ops_undo_list+0x3dc/0x990
[  107.403089][  T105]  cleanup_net+0x4d8/0x820
[  107.405037][  T105]  process_scheduled_works+0xae1/0x17b0
[  107.407585][  T105]  worker_thread+0x8a0/0xda0
[  107.410566][  T105]  kthread+0x711/0x8a0
[  107.412820][  T105]  ret_from_fork+0x4bc/0x870
[  107.414858][  T105]  ret_from_fork_asm+0x1a/0x30
[  107.416894][  T105] 
[  107.418099][  T105] Memory state around the buggy address:
[  107.420589][  T105]  ffff888036b5c880: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[  107.423963][  T105]  ffff888036b5c900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  107.427547][  T105] >ffff888036b5c980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  107.430989][  T105]                                                  ^
[  107.433976][  T105]  ffff888036b5ca00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  107.437414][  T105]  ffff888036b5ca80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  107.441491][  T105] ==================================================================
[  107.446742][  T105] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  107.449846][  T105] CPU: 0 UID: 0 PID: 105 Comm: jfsCommit Not tainted syzkaller #0 PREEMPT(full) 
[  107.453934][  T105] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  107.458739][  T105] Call Trace:
[  107.460238][  T105]  <TASK>
[  107.461532][  T105]  dump_stack_lvl+0x99/0x250
[  107.463510][  T105]  ? __asan_memcpy+0x40/0x70
[  107.465690][  T105]  ? __pfx_dump_stack_lvl+0x10/0x10
[  107.468114][  T105]  ? __pfx__printk+0x10/0x10
[  107.470110][  T105]  vpanic+0x237/0x6d0
[  107.472055][  T105]  ? __pfx_vpanic+0x10/0x10
[  107.474254][  T105]  panic+0xb9/0xc0
[  107.476241][  T105]  ? __pfx_panic+0x10/0x10
[  107.478404][  T105]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  107.480811][  T105]  ? string+0x231/0x2b0
[  107.482417][  T105]  check_panic_on_warn+0x89/0xb0
[  107.484230][  T105]  ? string+0x231/0x2b0
[  107.486111][  T105]  end_report+0x78/0x160
[  107.488130][  T105]  kasan_report+0x129/0x150
[  107.490286][  T105]  ? number+0xe1/0xf60
[  107.492164][  T105]  ? string+0x231/0x2b0
[  107.494146][  T105]  string+0x231/0x2b0
[  107.496000][  T105]  vsnprintf+0x739/0xf00
[  107.497925][  T105]  vprintk_store+0x3c7/0xd00
[  107.500069][  T105]  ? __pfx_vprintk_store+0x10/0x10
[  107.502587][  T105]  ? __console_unlock+0x136/0x1a0
[  107.505058][  T105]  ? __pfx___console_unlock+0x10/0x10
[  107.507404][  T105]  ? __irq_work_queue_local+0x1de/0x550
[  107.509813][  T105]  ? __pfx___irq_work_queue_local+0x10/0x10
[  107.512406][  T105]  ? console_unlock+0x13a/0x190
[  107.514538][  T105]  ? __pfx___down_trylock_console_sem+0x10/0x10
[  107.517334][  T105]  ? is_printk_cpu_sync_owner+0x32/0x40
[  107.519813][  T105]  vprintk_emit+0x15f/0x590
[  107.521839][  T105]  ? __pfx_vprintk_emit+0x10/0x10
[  107.524046][  T105]  ? __is_module_percpu_address+0x28/0x3f0
[  107.526849][  T105]  ? rcu_is_watching+0x15/0xb0
[  107.529260][  T105]  ? __kasan_check_byte+0x12/0x40
[  107.531550][  T105]  ? rcu_is_watching+0x15/0xb0
[  107.533697][  T105]  ? rcu_is_watching+0x15/0xb0
[  107.535694][  T105]  ? __kasan_check_byte+0x12/0x40
[  107.538090][  T105]  _printk+0xcf/0x120
[  107.539985][  T105]  ? __pfx__printk+0x10/0x10
[  107.542127][  T105]  ? __lock_acquire+0x99/0xd20
[  107.544314][  T105]  spin_dump+0x102/0x1a0
[  107.546233][  T105]  do_raw_spin_lock+0x1ca/0x290
[  107.548461][  T105]  ? __wake_up_common_lock+0x2f/0x1f0
[  107.550842][  T105]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  107.553236][  T105]  _raw_spin_lock_irqsave+0xb3/0xf0
[  107.555565][  T105]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[  107.558392][  T105]  ? dbFree+0x4d1/0x650
[  107.560390][  T105]  __wake_up_common_lock+0x2f/0x1f0
[  107.562984][  T105]  release_metapage+0x13c/0xac0
[  107.566228][  T105]  ? txFreeMap+0xb19/0xde0
[  107.568121][  T105]  ? do_raw_spin_unlock+0x4d/0x240
[  107.570364][  T105]  xtTruncate+0xe84/0x2e70
[  107.572913][  T105]  ? __pfx_xtTruncate+0x10/0x10
[  107.575006][  T105]  ? reacquire_held_locks+0x127/0x1d0
[  107.577239][  T105]  ? __mark_inode_dirty+0x4cc/0xe10
[  107.579448][  T105]  ? __asan_memset+0x22/0x50
[  107.581665][  T105]  ? __dquot_initialize+0x218/0xcb0
[  107.584080][  T105]  jfs_free_zero_link+0x33a/0x4a0
[  107.586590][  T105]  ? __pfx_jfs_free_zero_link+0x10/0x10
[  107.589081][  T105]  ? __pfx_inode_wait_for_writeback+0x10/0x10
[  107.591780][  T105]  jfs_evict_inode+0x363/0x440
[  107.593942][  T105]  ? evict+0x4f8/0x9c0
[  107.595817][  T105]  ? __pfx_jfs_evict_inode+0x10/0x10
[  107.598573][  T105]  evict+0x504/0x9c0
[  107.600666][  T105]  ? __pfx_evict+0x10/0x10
[  107.602915][  T105]  ? do_raw_spin_unlock+0x4d/0x240
[  107.605201][  T105]  ? _raw_spin_unlock+0x28/0x50
[  107.607461][  T105]  ? iput+0x946/0xc50
[  107.609307][  T105]  jfs_lazycommit+0x43f/0xa90
[  107.611425][  T105]  ? __pfx_jfs_lazycommit+0x10/0x10
[  107.613880][  T105]  ? __pfx_default_wake_function+0x10/0x10
[  107.616452][  T105]  ? __kthread_parkme+0x7b/0x200
[  107.618915][  T105]  ? __kthread_parkme+0x1a1/0x200
[  107.621569][  T105]  kthread+0x711/0x8a0
[  107.623592][  T105]  ? __pfx_jfs_lazycommit+0x10/0x10
[  107.626118][  T105]  ? __pfx_kthread+0x10/0x10
[  107.628296][  T105]  ? _raw_spin_unlock_irq+0x23/0x50
[  107.630739][  T105]  ? lockdep_hardirqs_on+0x9c/0x150
[  107.632990][  T105]  ? __pfx_kthread+0x10/0x10
[  107.635000][  T105]  ret_from_fork+0x4bc/0x870
[  107.636944][  T105]  ? __pfx_ret_from_fork+0x10/0x10
[  107.639230][  T105]  ? __pfx_kthread+0x10/0x10
[  107.641406][  T105]  ret_from_fork_asm+0x1a/0x30
[  107.644228][  T105]  </TASK>
[  107.646214][  T105] Kernel Offset: disabled
[  107.648274][  T105] Rebooting in 86400 seconds..